Joe Coletta, Product Marketing Manager, Contrast Security
Joe Coletta is a Sr. Product Marketing Manager at Contrast Security focusing on Open Source Security. Entering the AppSec field as a Security Program Manager, Joe has consulted dozens of organizations of varying sizes on how to work cross-functionally in order to scale their application security programs. Applying this frontline knowledge to a product marketing career, Joe develops go-to-market resources that capture the voice of AppSec practitioners in both Security and Development. On a personal note, Joe divvies his free time between reading, drawing, and Brazilian Jiu Jitsu.
Because of the ubiquity of client-side code in modern web applications, security coverage is a growing concern for DevSecOps organizations that want to make sure their application stack is secure, from client-side all the way to server-side code.
Historically, SAST scanners have had a rough time adapting to modern development pipelines. This is largely due to the fact that they were designed to act as a security gate within waterfall environments. In an attempt to find every conceivable vulnerability, many SAST tools today are still governed by the same antiquated SAST rules and scanning algorithms from 20 years ago. The end result is usually a list of false positives that can number in the hundreds, if not thousands — not a great way to promote developer adoption.
Figure 2: Contrast Scan is up to 81% more accurate than some of the leading commercial SAST tools
Figure 3: Contrast Scan finds nearly twice as many critical & high-severity, client-side vulnerabilities as Snyk
See for yourself with CodeSec
For more information on how to get started with CodeSec, visit Developer Central for a step-by-step guide.
For more information on how to scale pipeline-native SAST across your enterprise, schedule a demo of Contrast Scan with one of our experts.